3ee491f51f6228631b68ffab12660c2a_JaffaCakes118 | Triage

Sharing

General

Target

3ee491f51f6228631b68ffab12660c2a_JaffaCakes118
Size

248KB
MD5

3ee491f51f6228631b68ffab12660c2a
SHA1

617bf6fee1cc1975dd11dbe70d3cd067eb775530
SHA256

a6032b78b94191d7f068341c4459b3b813ea2f79727348be2e9607c22648328c
SHA512

57a4e86d365cc50b9c835200d566f3530a4015cb0ecbc789af87dd1cad73c30eb1ea69db4ec6ed1cd3ba965d72df0e3edf6e08bdd597016cce713ab796019fb7
SSDEEP

3072:vQAbgIRJ/xdocfN/f0hb3I5dyCp9POqlQyktOilZ0nKHJNP+yHcLd8L30:dgIRJLP0l3Idp4qlN4WGcBp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ee491f51f6228631b68ffab12660c2a_JaffaCakes118

Files

3ee491f51f6228631b68ffab12660c2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5bc2331b86562a99328f8d730d1e8b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoRegisterSurrogate
CoRegisterClassObject
CoUninitialize
OleInitialize
OleSetContainedObject
OleUninitialize

userenv

ExpandEnvironmentStringsForUserA
EnterCriticalPolicySection

msvcrt

exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_exit
_ftol
_acmdln

kernel32

LocalFree
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetProcAddress
GetStartupInfoA
GetModuleHandleA
VirtualProtect
WritePrivateProfileStringA
ExpandEnvironmentStringsA

Exports

Exports

actclear
decidelet
picturefamily
shapePossible

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ